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DETAILED ACTION 

EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Mr. Gregory A. Nelson on June 20, 2005. 

The application has been amended as follows: 

Please enter the following readable copy of amendments to claims as 
replacement to the amended claims file on May 31 , 2005: 




Amendments to Claims: 

This listing of claims will replace all prior versions and listings of claims in the 
instant application; 

Listing of Claims: 

1 . (Currently Amended) A method for performing secured communications 
between a Voice Browser and a network device, said Voice Browser and network 
device exchanging VoiceXML-based Web content comprising the steps of: 

a Voice Browser receiving an audible request from a user, said audible request 
being a request for Web content; 

responsive to said audible request, the Voice Browser transmitting a request to 
the network device associated with the Web-based content to establish a secured 
communication session between the Voice Browser and the network device; 

authenticating the network device; 

subsequent to said authentication, negotiating a shared secret between the 
network device and the Voice Browser; 

encrypting the VoiceXML-based Web content using said shared secret as an 
encryption key; 

exchanging the encrypted VoiceXML-based Web content between the 
network device and the Voice Browser; [[and,]] 

decrypting the VoiceXML-based Web content using said shared secret as a 

decryption key[[.]] ; and 

the Voice Browser audibly presenting the decrypted W eb content to said user, 
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2. (Original) The method of claim 1, wherein said step of authenticating the 
network device comprises the steps of: 

transrnirting a digital certificate from the network device to the Voice 
Browser, said digital certificate having a public key and a reference to a certificate 
authority; and, 

validating said certificate authority. 

3. (Original) The method of claim 2, wherein said digital certificate is an 
X.509-compliant digital certificate. 

4. (Original) The method of claim 1, further comprising the step of 
authenticating the Voice Browser. 

5. (Original) The method of claim 4, wherein said step of authenticating the 
Voice Browser comprises the steps of: 

tj^mitting a digital certificate from the Voice Browser to the network 
device, said digital certificate having a public key and a reference to a certificate 
authority; and, 

validating said certificate authority. 

6. (Original) The method of claim 5, wherein said digital certificate is an 
X.509-compliant digital certificate. 

7. (Original) The method of claim 2, wherein said step of authenticating the 
network device further comprises the step of challenging the network device. 
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8. (Original) The method of claim 5, wherein said step of authenticating the 
Voice Browser further comprises the step of challenging the Voice Browser. 

9. (Original) The method of claim 7, wherein said step of challenging the 
network device comprises the steps of: 

encrypting a message using said public key contained in said digital 
certificate; 

transmitting said encrypted message from the Voice Browser to the network 
device; 

decrypting said encrypted message using a private key corresponding to said 
public key; and, 

transmitting the decrypted message to the Voice Browser. 

10. (Original) The method of claim 8, wherein said step of challenging the 
Voice Browser comprises the steps of: 

encrypting a message using said public key contained in said digital 
certificate; 

transmitting said encrypted message from the network device to the Voice 
Browser, 

decrypting said encrypted message using a private key corresponding to said 
public key; and, 

transmitting the decrypted message to the network device. 

11. (Original) The method of claim 1, wherein said negotiating step comprises 
the steps of: 

generating a key for use in a symmetric cryptographic algorithm; 
encrypting said generated key with said public key; 
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transmitting said encrypted key to the network device; and, 
decrypting said key in the network device with a private key corresponding to 
said public key. 

12. (Original) The method of claim 1 , wherein said negotiating step comprises 
the steps of: 

generating a key for use in a symmetric cryptographic algorithm; 
encrypting said generated key with said public key; 
transmitting said encrypted key to the Voice Browser; and, 
decrypting said key in the Voice Browser with a private key corresponding to 
said public key. 

1 3 . (Original) The method of claim 1 , further comprising the steps of: 
exchanging a list of supported symmetrical cryptographic algorithms for the 

network device and the Voice Browser; 

selecting a symmetrical cryptographic algorithm from said list; and, 
performing said encrypting and decrypting steps using said selected 

symmetrical cryptographic algorithm. 

14. (Original) The method of claim 1, wherein said Voice Browser is a 
VoiceXML Browser Server. 

1 5. (Currently Amended) A method for performing secured communications 
in a Voice Browser comprising the steps of: 

a Voice Browser receiving an audible r equest from a user, said audible request 
beinp a request for Web content: 
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responsive to said audible request, the Voice Browser transmitting a request 
from the Voice Browser to a network device associated with the W eb-based content 
for a secure communications session between the Voice Browser and the network 
device; 

receiving from the network device a digital certificate containing a public key 
and a reference to a certificate authority. 

authenticating the network device based on the digital certificate; 

subsequent to said authentication, negotiating a shared secret with the network 
device; 

encrypting data using said shared secret as an encryption key and transmitting 
said encrypted data to the network device;[[ and,]] 

receiving encrypted Web content from the network device and decrypting the 
Web content using said shared secret as a decryption key; and,[[.]] 

the Voice Browser audibly presenting the decrypted Web cont ent to said user. 

16. (Original) The method of claim 15, wherein said transmitting step further 
comprises the step of: 

transmitting to said network device a list of supported encryption algorithms 
for use in said encryption and decryption steps, 

said network device selecting an encryption algorithm from among said list, 

17. (Original) The method of claim 16, wherein said data is encrypted using 
said selected. encryption algorithm and said Web content is decrypted using said 
encryption algorithm. 

18. (Original) The method of claim 15, wherein said digital certificate is an 
X.509-compliant digital certificate. 
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19. (Original) The method of claim 15, wherein said Web content is a 
VoiceXML document. 

20. (Original) The method of claim 19, wherein said Voice Browser is a 
VoiceXML Browser Server. 

2 1 . (Currently Amended) A machine readable storage, having stored thereon 
a computer program for perfcirrning secured communications between a Voice 
Browser and a nerwork device, said Voice Browser and network device exchanging 
VoiceXML-based Web content, said computer program having a plurality of code 
sections executable by a machine for causing the machine to perform the steps of: 

a voice browser receiving an audible request from a user, said audible request 
being a request for Web content: 

responsive to said audible request, the Voice Browser transmitting a request to 
the network device associated with the W eb-based content to establish a secured 
communication session between the Voice Browser and the network device; 

authenticating the network device; 

subsequent to said authentication, negotiating a shared secret between the 
network device and the Voice Browser; 

encrypting the VoiceXML-based Web content using said shared secret as an 

encryption key; 

exchanging the encrypted VoiceXML-based Web content between the 
network device and the Voice Browser; [[and,]] 

decrypting the VoiceXML-based Web content using said shared secret as a 

decryption key[[.]] LSPd 

the Voice Browser audibly presenting the decrypted Web content to said user. 
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22. (Original) The machine readable storage of claim 21, wherein said step of 
authenticating the network device comprises the steps of: 

transmitting a digital certificate from the network device to the Voice 
Browser, said digital certificate having a public key and a reference to a certificate 
authority, and, 

validating said certificate authority. 

23. (Original) The machine readable storage of claim 22, wherein said digital 
certificate is an X.509-compliant digital certificate. 

24. (Original) The machine readable storage of claim 21, for further causing 
the machine to perform the step of authenticating the Voice Browser. 

25. (Original) The machine readable storage of claim 24, wherein said step of 
authenticating the Voice Browser comprises the steps of: 

trarismitting a digital certificate from the Voice Browser to the network 
device, said digital certificate having a public key and a reference to a certificate 

authority; and, 

validating said certificate authority. 

26. (Original) The machine readable storage of claim 25, wherein said digital 
certificate is an X.509-compliant digital certificate. 

27. (Original) The machine readable storage of claim 22, wherein said step of 
authenticating the network device further comprises the step of challenging the 
network device. 
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28. (Original) The machine readable storage of claim 25, wherein said step of 
authenticating the Voice Browser further comprises the step of challenging the Voice 
Browser. 

29. (Original) The machine readable storage of claim 27, wherein said step of 
challenging the network device comprises the steps of: 

encrypting a message using said public key contained in said digital 
certificate; 

transmirring said encrypted message from the Voice Browser to the network 
device; 

decrypting said encrypted message using a private key corresponding to said 

public key; and, 

transmitting the decrypted message to the Voice Browser. 

30. (Original) The machine readable storage of claim 28, wherein said step of 
challenging the Voice Browser comprises the steps of: 

encrypting a message using said public key contained in said digital 
certificate; 

transmitting said encrypted message from the network device to the Voice 
Browser; 

decrypting said encrypted message using a private key corresponding to said 

public key, and, 

transmitting the decrypted message to the network device. 

31. (Original) The machine readable storage of claim 21, wherein said 
negotiating step comprises the steps of: 

9 

PAGE 10/18* RCVD AT 6/20/2005 9:35:45 AM [Eastern Daylight Time] ' SVR:USPTO-EFXRM/24 1 DNIS:2733808 ■ CSID: ' DURATION (mm-ss):04-56 



ay — - — — , 
Advisory Action of April 29, 2005 

tNo. 6169-159 



f *f I ( 



generating a key for use in a symmetric cryptographic algorithm; 
encrypting said generated key with said public key; 
transmitting said encrypted key to the network device; and, 
decrypting said key in the network device with a private key corresponding to 
said public key. 

32. (Original) The machine readable storage of claim 21, wherein said 
negotiating step comprises the steps of: 

generating a key for use in a symmetric cryptographic algorithm; 
encrypting said generated key with said public key; 
transmimng said encrypted key to the Voice Browser, and, 
decrypting said key in die Voice Browser with a private key corresponding to 
said public key. 

33. (Original) The machine readable storage of claim 21, for further causing 
the machine to perform the steps of: 

exchanging a list of supported symmetrical cryptographic algorithms for the 

network device and the Voice Browser; 

selecting a symmetrical cryptographic algorithm from said list; and, 
performing said encrypting and decrypting steps using said selected 

symmetrical cryptographic algorithm. 

34. (Original) The machine readable storage of claim 21, wherein said Voice 
Browser is a VoiceXML Browser Server. 

35. (Currently Amended) A machine readable storage, having stored thereon 
a computer program for performing secured communications in a Voice Browser, 
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said computer program having a plurality of code sections executable by a machine 
for causing the machine to perform the steps of: 

a Voice Browser receiving an audible request from a user, said audible request 
being a request for Web content: 

responsive to said audible request, the Voice Browser transmitting a request 
from the Voice Browser to a network device associated with the Web-based content 
for a secure communications session between the Voice Browser and the network 
device; 

receiving from the network device a digital certificate containing a public key 
and a reference to a certificate authority. 

authenticating the network device based on the digital certificate; 

subsequent to said authentication, negotiating a shared secret with the network 
device; 

encrypting data using said shared secret as an encryption key and transmitting 
said encrypted data to the network device;[[ and,]] 

receiving encrypted Web content from the network device and decrypting the 
Web content using said shared secret as a decryption keyiand,[[.]] 

rhe Voice Browser audibly presenting the decryp ted Web content to said user. 

36. (Original) The machine readable storage of claim 35, wherein said 
transmitting step further comprises the step of: 

transrmtting to said network device a list of supported encryption algorithms 
for use in said encryption and decryption steps, 

said network device selecting an encryption algorithm from among said list. 
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37. (Original) The machine readable storage of claim 36, wherein said data is 
encrypted using said selected encryption algorithm and said Web content is 
decrypted using said encryption algorithm. 

38. (Original) The machine readable storage of claim 35, wherein said digital 
certificate is an X.509-compliant digital certificate. 

39. (Original) The machine readable storage of claim 35, wherein said Web 
content is a VoiceXML document. 

40. (Original) The machine readable storage of claim 39, wherein said Voice 
Browser is a VoiceXML Browser Server. 
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Allowable Subject Matter 

1. Claims 1-40 are allowed. 

2. The following is an examiner's statement of reasons for allowance: 

3. The primary reasons for the allowance of the independent claims 1 , 15,21 and 
35 are the inclusion of the following limitation that is not found in the prior art and they 
are uniquely distinct features. The closest prior arts are Saylor et al (6,707,889 A1) and 
Jardin (6,681,327 B1). Saylor et al Saylor teaches a method for secure communication 
between a voice browser and a server with XML-based content transaction. Saylor also 
teaches an authentication process for a secure transaction between the Voice browser 
and the network server storing XML-based voice files. Jardin discloses a system for a 
secure client-server communication over Internet using a secure links such as secure 
socket layer (SSL) and IPSec. These two arts, singularly or in combination, fail to 
anticipate or render the following limitation: 

"Claims 1, 15, 21 and 35: a Voice Browser receiving an audible request from a 
user, aid audible request being a request for Web content; 

responsive to said audible request, the Voice Browser transmitting a 
request to the network device associated with the Web-based content to 
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establish a secured communication session between the Voice Browser and the 
network device; and 

the Voice Browser audibly presenting the decrypted Web content to said 

user." 

4. The dependent claims 2-14, 16-20, 22-34 and 36-40 are allowed because they 
were originally found to include a unique feature not found in the closest 
abovementioned art. 

Conclusion 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Abdulhakim Nobahar whose telephone number is 571- 
272-3808. The examiner can normally be reached on M-F 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 703-305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Abdulhakim Nobahar 

Examiner 

Art Unit 2132 
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